h4cker/new_tools.md

101 lines
17 KiB
Markdown
Raw Normal View History

2019-01-19 19:35:23 +00:00
# Latest Cool Tools
The following are a collection of recently-released pen test tools. I update this list every time that there is a new post and when I find a new one around the Internet. The rest of the repository has hundreds of additional cybersecurity and pen test tools.
----
2020-01-15 20:40:02 +00:00
- [Shell Backdoor List - PHP / ASP Shell Backdoor List](http://feedproxy.google.com/~r/PentestTools/~3/4bTU5BSifCg/shell-backdoor-list-php-asp-shell.html)
2020-01-15 11:35:02 +00:00
- [Hakrawler - Simple, Fast Web Crawler Designed For Easy, Quick Discovery Of Endpoints And Assets Within A Web Application](http://feedproxy.google.com/~r/PentestTools/~3/8uHkviu3bCQ/hakrawler-simple-fast-web-crawler.html)
2020-01-14 20:35:04 +00:00
- [Gtfo - Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions](http://feedproxy.google.com/~r/PentestTools/~3/vY14tKcJFoo/gtfo-search-for-unix-binaries-that-can.html)
2020-01-14 11:35:02 +00:00
- [SWFPFinder - SWF Potential Parameters Finder](http://feedproxy.google.com/~r/PentestTools/~3/oq6S3f4ZiN8/swfpfinder-swf-potential-parameters.html)
2020-01-13 20:55:02 +00:00
- [laravelN00b - Automated Scan .env Files And Checking Debug Mode In Victim Host](http://feedproxy.google.com/~r/PentestTools/~3/2gcvf8zseEA/laraveln00b-automated-scan-env-files.html)
2020-01-13 11:35:02 +00:00
- [Andriller - Software Utility With A Collection Of Forensic Tools For Smartphones](http://feedproxy.google.com/~r/PentestTools/~3/CGAtcMHkN58/andriller-software-utility-with.html)
2020-01-12 21:20:03 +00:00
- [LAVA - Large-scale Automated Vulnerability Addition](http://feedproxy.google.com/~r/PentestTools/~3/NcAB_2aw32k/lava-large-scale-automated.html)
2020-01-12 11:35:02 +00:00
- [Heapinspect - Inspect Heap In Python](http://feedproxy.google.com/~r/PentestTools/~3/IiCD14cYq24/heapinspect-inspect-heap-in-python.html)
2020-01-11 21:10:03 +00:00
- [CHAPS - Configuration Hardening Assessment PowerShell Script](http://feedproxy.google.com/~r/PentestTools/~3/5KGQldrk1HE/chaps-configuration-hardening.html)
2020-01-11 11:35:02 +00:00
- [Karonte - A Static Analysis Tool To Detect Multi-Binary Vulnerabilities In Embedded Firmware](http://feedproxy.google.com/~r/PentestTools/~3/Id6YHzVv09A/karonte-static-analysis-tool-to-detect.html)
2020-01-10 21:05:02 +00:00
- [IotShark - Monitoring And Analyzing IoT Traffic](http://feedproxy.google.com/~r/PentestTools/~3/PeNmS58306Q/iotshark-monitoring-and-analyzing-iot.html)
2020-01-10 12:35:02 +00:00
- [LNAV - Log File Navigator](http://feedproxy.google.com/~r/PentestTools/~3/3vkEu05vBmw/lnav-log-file-navigator.html)
2020-01-09 20:55:02 +00:00
- [TuxResponse - Linux Incident Response](http://feedproxy.google.com/~r/PentestTools/~3/XkMJJaEjx_Q/tuxresponse-linux-incident-response.html)
2020-01-09 11:35:02 +00:00
- [Stowaway - Multi-hop Proxy Tool For Pentesters](http://feedproxy.google.com/~r/PentestTools/~3/YKyUkJguG1o/stowaway-multi-hop-proxy-tool-for.html)
2020-01-08 20:40:03 +00:00
- [Git-Vuln-Finder - Finding Potential Software Vulnerabilities From Git Commit Messages](http://feedproxy.google.com/~r/PentestTools/~3/6trl3SIo3BM/git-vuln-finder-finding-potential.html)
2020-01-08 11:35:02 +00:00
- [WAFW00F v2.0 - Allows One To Identify And Fingerprint Web Application Firewall (WAF) Products Protecting A Website](http://feedproxy.google.com/~r/PentestTools/~3/x0wBL8NRXaE/wafw00f-v20-allows-one-to-identify-and.html)
2020-01-08 01:30:03 +00:00
- [XposedOrNot - Tool To Search An Aggregated Repository Of Xposed Passwords Comprising Of ~850 Million Real Time Passwords](http://feedproxy.google.com/~r/PentestTools/~3/djD79KVqJpY/xposedornot-tool-to-search-aggregated.html)
2020-01-07 21:10:02 +00:00
- [Dsync - IDAPython Plugin That Synchronizes Disassembler And Decompiler Views](http://feedproxy.google.com/~r/PentestTools/~3/cTZCZAOl5ZY/dsync-idapython-plugin-that.html)
2020-01-07 11:05:02 +00:00
- [RFCpwn - An Enumeration And Exploitation Toolkit Using RFC Calls To SAP](http://feedproxy.google.com/~r/PentestTools/~3/SxCeVp5LrPY/rfcpwn-enumeration-and-exploitation.html)
2020-01-06 21:00:03 +00:00
- [LKWA - Lesser Known Web Attack Lab](http://feedproxy.google.com/~r/PentestTools/~3/_D8J5ofnkjc/lkwa-lesser-known-web-attack-lab.html)
2020-01-06 11:35:02 +00:00
- [Multiscanner - Modular File Scanning/Analysis Framework](http://feedproxy.google.com/~r/PentestTools/~3/JCWYObLaesQ/multiscanner-modular-file.html)
2020-01-06 07:22:50 +00:00
- [Findomain v0.9.3 - The Fastest And Cross-Platform Subdomain Enumerator](http://feedproxy.google.com/~r/PentestTools/~3/F8FCuzzp1eY/findomain-v093-fastest-and-cross.html)
- [OKadminFinder - Admin Panel Finder / Admin Login Page Finder](http://feedproxy.google.com/~r/PentestTools/~3/Wy3OcRdb1pk/okadminfinder-admin-panel-finder-admin.html)
- [BetterBackdoor - A Backdoor With A Multitude Of Features](http://feedproxy.google.com/~r/PentestTools/~3/fnQYMC92Af4/betterbackdoor-backdoor-with-multitude.html)
- [Spraykatz - A Tool Able To Retrieve Credentials On Windows Machines And Large Active Directory Environments](http://feedproxy.google.com/~r/PentestTools/~3/hk7FN1evtJ4/spraykatz-tool-able-to-retrieve.html)
- [Shelly - Simple Backdoor Manager With Python (Based On Weevely)](http://feedproxy.google.com/~r/PentestTools/~3/Oof3oJ5ys_U/shelly-simple-backdoor-manager-with.html)
- [huskyCI - Performing Security Tests Inside Your CI](http://feedproxy.google.com/~r/PentestTools/~3/PCjfmxm5mk0/huskyci-performing-security-tests.html)
- [AttackSurfaceMapper - A Tool That Aims To Automate The Reconnaissance Process](http://feedproxy.google.com/~r/PentestTools/~3/BaoKl5m0_Zg/attacksurfacemapper-tool-that-aims-to.html)
- [Pylane - An Python VM Injector With Debug Tools, Based On GDB](http://feedproxy.google.com/~r/PentestTools/~3/NXSFocHtf4w/pylane-python-vm-injector-with-debug.html)
- [PAKURI - Penetration Test Achieve Knowledge Unite Rapid Interface](http://feedproxy.google.com/~r/PentestTools/~3/Mi6WN2Gybmo/pakuri-penetration-test-achieve.html)
- [Malwinx - Just A Normal Flask Web App To Understand Win32Api With Code Snippets And References](http://feedproxy.google.com/~r/PentestTools/~3/uJtIDU0fedk/malwinx-just-normal-flask-web-app-to.html)
- [Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System](http://feedproxy.google.com/~r/PentestTools/~3/utzP6iBfGHg/quark-engine-obfuscation-neglect.html)
- [nmapAutomator - Tool To Automate All Of The Process Of Recon/Enumeration](http://feedproxy.google.com/~r/PentestTools/~3/E4Iu0NnZ68s/nmapautomator-tool-to-automate-all-of.html)
- [RansomCoin - A DFIR Tool To Extract Cryptocoin Addresses And Other Indicators Of Compromise From Binaries](http://feedproxy.google.com/~r/PentestTools/~3/GvziPKgW9H8/ransomcoin-dfir-tool-to-extract.html)
- [Pown.js - A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM](http://feedproxy.google.com/~r/PentestTools/~3/d6N6weN0Sls/pownjs-security-testing-exploitation.html)
- [Top 20 Most Popular Hacking Tools in 2019](http://feedproxy.google.com/~r/PentestTools/~3/nlQ2cTwvBWU/top-20-most-popular-hacking-tools-in.html)
- [Turbolist3r - Subdomain Enumeration Tool With Analysis Features For Discovered Domains](http://feedproxy.google.com/~r/PentestTools/~3/N2YrQhf-ZQA/turbolist3r-subdomain-enumeration-tool.html)
- [SQLMap v1.4 - Automatic SQL Injection And Database Takeover Tool](http://feedproxy.google.com/~r/PentestTools/~3/E9qL_gItzM0/sqlmap-v14-automatic-sql-injection-and.html)
- [AVCLASS++ - Yet Another Massive Malware Labeling Tool](http://feedproxy.google.com/~r/PentestTools/~3/grHx9mKrtYw/avclass-yet-another-massive-malware.html)
- [XSpear v1.3 - Powerfull XSS Scanning And Parameter Analysis Tool](http://feedproxy.google.com/~r/PentestTools/~3/bznAwae962s/xspear-v13-powerfull-xss-scanning-and.html)
- [Kamerka GUI - Ultimate Internet Of Things/Industrial Control Systems Reconnaissance Tool](http://feedproxy.google.com/~r/PentestTools/~3/VXVdUp5N_VE/kamerka-gui-ultimate-internet-of.html)
- [SysWhispers - AV/EDR Evasion Via Direct System Calls](http://feedproxy.google.com/~r/PentestTools/~3/WdlNh76UZmY/syswhispers-avedr-evasion-via-direct.html)
- [S3Tk - A Security Toolkit For Amazon S3](http://feedproxy.google.com/~r/PentestTools/~3/I-t2K2h-_nM/s3tk-security-toolkit-for-amazon-s3.html)
- [WindowsFirewallRuleset - Windows Firewall Ruleset Powershell Scripts](http://feedproxy.google.com/~r/PentestTools/~3/k141Im4eB3o/windowsfirewallruleset-windows-firewall.html)
- [AWS Report - Tool For Analyzing Amazon Resources](http://feedproxy.google.com/~r/PentestTools/~3/SAdoyWAz1c4/aws-report-tool-for-analyzing-amazon.html)
- [Tishna - Complete Automated Pentest Framework For Servers, Application Layer To Web Security](http://feedproxy.google.com/~r/PentestTools/~3/3wBSl0rNph4/tishna-complete-automated-pentest.html)
2019-11-30 02:07:23 +00:00
- [RedPeanut - A Small RAT Developed In .Net Core 2 And Its Agent In .Net 3.5/4.0](http://feedproxy.google.com/~r/PentestTools/~3/UUoNVH2ftOs/redpeanut-small-rat-developed-in-net.html)
- [DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices](http://feedproxy.google.com/~r/PentestTools/~3/wfG0ntJ0tYI/detectionlab-vagrant-and-packer-scripts.html)
- [Andor - Blind SQL Injection Tool With Golang](http://feedproxy.google.com/~r/PentestTools/~3/zATm4I4cspQ/andor-blind-sql-injection-tool-with.html)
- [SQL Injection Payload List](http://feedproxy.google.com/~r/PentestTools/~3/ayR6sAbbWFM/sql-injection-payload-list.html)
- [WinPwn - Automation For Internal Windows Penetrationtest / AD-Security](http://feedproxy.google.com/~r/PentestTools/~3/-4Y4QPv6370/winpwn-automation-for-internal-windows.html)
- [Ddoor - Cross Platform Backdoor Using Dns Txt Records](http://feedproxy.google.com/~r/PentestTools/~3/lT6QmCTiWZI/ddoor-cross-platform-backdoor-using-dns.html)
- [Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests](http://feedproxy.google.com/~r/PentestTools/~3/FrRisehI7Hw/custom-header-automatic-add-new-header.html)
- [SCShell - Fileless Lateral Movement Tool That Relies On ChangeServiceConfigA To Run Command](http://feedproxy.google.com/~r/PentestTools/~3/X10EwvOx9PQ/scshell-fileless-lateral-movement-tool.html)
- [Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos](http://feedproxy.google.com/~r/PentestTools/~3/gp_DtiGu_sY/ultimate-facebook-scraper-bot-which.html)
- [FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation](http://feedproxy.google.com/~r/PentestTools/~3/TkQaYYrkjO8/fireprox-aws-api-gateway-management.html)
- [DNCI - Dot Net Code Injector](http://feedproxy.google.com/~r/PentestTools/~3/Ji5q7TQco-c/dnci-dot-net-code-injector.html)
- [RdpThief - Extracting Clear Text Passwords From Mstsc.Exe Using API Hooking](http://feedproxy.google.com/~r/PentestTools/~3/_16Af6YgVU4/rdpthief-extracting-clear-text.html)
- [Leprechaun - Tool Used To Map Out The Network Data Flow To Help Penetration Testers Identify Potentially Valuable Targets](http://feedproxy.google.com/~r/PentestTools/~3/6JmHURb1L1E/leprechaun-tool-used-to-map-out-network.html)
- [Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD, Mac OS And Windows Operating Systems](http://feedproxy.google.com/~r/PentestTools/~3/Bi11t3vQPXc/glances-eye-on-your-system-tophtop.html)
- [Sshtunnel - SSH Tunnels To Remote Server](http://feedproxy.google.com/~r/PentestTools/~3/6M8Oysn80ZY/sshtunnel-ssh-tunnels-to-remote-server.html)
- [RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components](http://feedproxy.google.com/~r/PentestTools/~3/IYzPV_tA-XI/reternal-repo-containing-docker-compose.html)
- [Antispy - A Free But Powerful Anti Virus And Rootkits Toolkit](http://feedproxy.google.com/~r/PentestTools/~3/XkcKtXVulps/antispy-free-but-powerful-anti-virus.html)
- [Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare](http://feedproxy.google.com/~r/PentestTools/~3/6-Bh9w3dbPk/flan-pretty-sweet-vulnerability-scanner.html)
- [Corsy - CORS Misconfiguration Scanner](http://feedproxy.google.com/~r/PentestTools/~3/0C7E2QC4myo/corsy-cors-misconfiguration-scanner.html)
- [Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux Distribution](http://feedproxy.google.com/~r/PentestTools/~3/l8pYhW33fno/kali-linux-20194-release-penetration.html)
- [XML External Entity (XXE) Injection Payload List](http://feedproxy.google.com/~r/PentestTools/~3/eAuCIbT3oBk/xml-external-entity-xxe-injection.html)
- [ATFuzzer - Dynamic Analysis Of AT Interface For Android Smartphones](http://feedproxy.google.com/~r/PentestTools/~3/OL4U89ASYkU/atfuzzer-dynamic-analysis-of-at.html)
- [Netstat2Neo4J - Create Cypher Create Statements For Neo4J Out Of Netstat Files From Multiple Machines](http://feedproxy.google.com/~r/PentestTools/~3/3d0Xl5zLmqY/netstat2neo4j-create-cypher-create.html)
- [BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything](http://feedproxy.google.com/~r/PentestTools/~3/xagTe4W9uT4/basequery-way-to-organize-public-combo.html)
- [Attack Monitor - Endpoint Detection And Malware Analysis Software](http://feedproxy.google.com/~r/PentestTools/~3/_RxX4yOr-Ts/attack-monitor-endpoint-detection-and.html)
2019-01-19 19:42:02 +00:00
- [Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io](http://feedproxy.google.com/~r/PentestTools/~3/xeXSGXnN_xA/crashcast-exploit-this-tool-allows-you.html)
- [Tool-X - A Kali Linux Hacking Tool Installer](http://feedproxy.google.com/~r/PentestTools/~3/JqzGZm7j4JQ/tool-x-kali-linux-hacking-tool-installer.html)
2019-01-19 19:35:53 +00:00
- [SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool](http://feedproxy.google.com/~r/PentestTools/~3/RNZTk3qTooc/sqlmap-v13-automatic-sql-injection-and.html)
- [Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information](http://feedproxy.google.com/~r/PentestTools/~3/PdXu9zuRDIg/stretcher-tool-designed-to-help.html)
- [Aztarna - A Footprinting Tool For Robots](http://feedproxy.google.com/~r/PentestTools/~3/Q9CYfShlqRA/aztarna-footprinting-tool-for-robots.html)
- [Hediye - Hash Generator & Cracker Online Offline](http://feedproxy.google.com/~r/PentestTools/~3/p0oO5qBUFoI/hediye-hash-generator-cracker-online.html)
- [Killcast - Manipulate Chromecast Devices In Your Network](http://feedproxy.google.com/~r/PentestTools/~3/rMCHdNb3sTI/killcast-manipulate-chromecast-devices.html)
- [bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records](http://feedproxy.google.com/~r/PentestTools/~3/4GvtphGIZmM/bypass-firewalls-by-dns-history.html)
- [WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack](http://feedproxy.google.com/~r/PentestTools/~3/HogR4BTI3tM/wifi-pumpkin-v087-framework-for-rogue.html)
- [H8Mail - Email OSINT And Password Breach Hunting](http://feedproxy.google.com/~r/PentestTools/~3/u6x3-7n6oMI/h8mail-email-osint-and-password-breach.html)
- [Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters](http://feedproxy.google.com/~r/PentestTools/~3/Dr1bT8peAAc/kube-hunter-hunt-for-security.html)
- [Metasploit 5.0 - The Worlds Most Used Penetration Testing Framework](http://feedproxy.google.com/~r/PentestTools/~3/WdwaF60VaxA/metasploit-50-worlds-most-used.html)
- [Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support](http://feedproxy.google.com/~r/PentestTools/~3/WogS-qr4dno/interlace-easily-turn-single-threaded.html)
- [Twifo-Cli - Get User Information Of A Twitter User](http://feedproxy.google.com/~r/PentestTools/~3/Sbc3gunRkBE/twifo-cli-get-user-information-of.html)
- [Sitadel - Web Application Security Scanner](http://feedproxy.google.com/~r/PentestTools/~3/zfPWuXefLsw/sitadel-web-application-security-scanner.html)
- [Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)](http://feedproxy.google.com/~r/PentestTools/~3/MV1mlXFmkpg/pe-sieve-recognizes-and-dumps-variety.html)
- [Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To](http://feedproxy.google.com/~r/PentestTools/~3/sZXmRx1pB7E/malboxes-builds-malware-analysis.html)
- [Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies](http://feedproxy.google.com/~r/PentestTools/~3/elMWRHLI054/snyk-cli-and-build-time-tool-to-find.html)
- [Shed - .NET Runtime Inspector](http://feedproxy.google.com/~r/PentestTools/~3/byWGTLrRRMA/shed-net-runtime-inspector.html)
- [Stardox - Github Stargazers Information Gathering Tool](http://feedproxy.google.com/~r/PentestTools/~3/kAWqztoZ97E/stardox-github-stargazers-information.html)
- [Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool](http://feedproxy.google.com/~r/PentestTools/~3/mjOk7rQhp2Y/commix-v27-automated-all-in-one-os.html)
- [AutoSploit v3.0 - Automated Mass Exploiter](http://feedproxy.google.com/~r/PentestTools/~3/nDoUfG2uHQg/autosploit-v30-automated-mass-exploiter.html)
- [Faraday v3.5 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/Fq1vFkcIIFI/faraday-v35-collaborative-penetration.html)
- [Recaf - A Modern Java Bytecode Editor](http://feedproxy.google.com/~r/PentestTools/~3/mAzq3GzpHIg/recaf-modern-java-bytecode-editor.html)
- [dnSpy - .NET Debugger And Assembly Editor](http://feedproxy.google.com/~r/PentestTools/~3/JZaPW594CQE/dnspy-net-debugger-and-assembly-editor.html)